Jennifer Stisa Granick is the Director of Civil Liberties at the Stanford Center for Internet and Society. She is the author of a forthcoming book from Cambridge University Press entitled American Spies: Modern Surveillance, Why You Should Care, and What To Do About It. From 2001 to 2007, Granick was Executive Director of CIS and taught Cyberlaw, Computer Crime Law, Internet intermediary liability, and Internet law and policy. From 2007 to 2010 she served as the Civil Liberties Director at the Electronic Frontier Foundation. Granick practices, speaks, and writes about computer crime and security, electronic surveillance, security vulnerability disclosure, encryption policy, and the Fourth Amendment. In March of 2016, she received Duo Security’s Women in Security Academic Award for her expertise in the field as well as her direction and guidance for young women in the security industry. Before teaching at Stanford, Granick spent almost a decade practicing criminal defense law in California.

Yesterday I attended a conference at the Hoover Institution on “Intelligence Challenges.” I also spoke on a panel in the morning about Civil Liberties. A version of my prepared remarks is below. Ben Wittes has an interesting post on the event.

Yesterday afternoon, the White House put out a statement describing its view of vulnerability disclosure: the contentious issue of whether and when government agencies should disclose their knowledge of computer vulnerabilities. Over at Just Security, I highlight some parts of the announcement for further thought.

Over at Just Security, I have a new piece on the Washington Post's interesting story about the increasingly aggressive role some federal magistrate judges are playing in policing criminal investigations involving digital media.

Today the Fourth Circuit refrained from deciding the first legal challenge to government seizure of the master encryption keys that secure our communications with web sites and email servers. Nevertheless, the Court upheld contempt of court sanctions, because of the Lavabit owner’s foot dragging during proceedings. Lavabit had failed to raise the substantive issues below, it decided, thus precluding appellate review.

Pages

Arguing that a defendant’s conviction for website hacking should be overturned because legitimate, highly valuable security and privacy research commonly employs techniques that are essentially identical to what the defendant did and that such independent research is of great value to academics, government regulators and the public even when – often especially when — conducted without a website owner’s permission.

Arguing that if the court should not compel Apple to create software to enable unlocking and search of the San Bernardino shooter’s iPhone, it will jeopardize digital and personal security more generally.

After the Estate of James Joyce refused to allow a scholar to quote Joyce in her book, we successfully defended her right under the fair use doctrine to use the quotes she needed to illustrate her scholarship. After we prevailed in the case, the Estate paid $240,000 of our client’s legal fees.

In this case, two archives challenged statutes that extended copyright terms unconditionally—the Copyright Renewal Act and the Copyright Term Extension Act (CTEA)—as unconstitutional under Copyright Clause and the First Amendment.

In our previous posts, we’ve argued that the NSA is collecting massive amounts of data about US citizens under conditions that have nothing to do with terrorism or national security, thanks to the authorities granted to the US government by section 702 of the Foreign Intelligence Surveillance Act.

Last week, we argued that the public discussion surrounding two of the government’s most controversial mass surveillance programs – PRISM and Upstream – has not sufficiently acknowledged the broad scope of collection under these programs, which take place under section 702 of the Foreign Intelligence Surveillance Act (FISA). In short, hiding behind the counterterrorism justifications for section 702 is a broad surveillance program that sucks up massive amounts of irrelevant private data.

The legal authority behind the controversial PRISM and Upstream surveillance programs used by the NSA to collect large swaths of private communications from leading Internet companies – Section 702 of the Foreign Intelligence Surveillance Act (FISA) – is scheduled to expire on December 31, 2017. In recent months, Congress began to review these programs to assess whether to renew, reform, or retire section 702. Unfortunately, it appears the debate has already been skewed by misconceptions about the true scope of surveillance conducted under the contentious provision.

This post is the latest installment of our “Monday Reflections” feature, in which a different Just Security editor examines the big stories from the previous week or looks ahead to key developments on the horizon.

Pages

"Jennifer Granick, director of Civil Liberties at the Stanford Center for Internet and Society, explained that separating the needs of law enforcement from the public’s rights under the Constitution is not as simple as it might seem. She calls this policy battle the third “crypto war.”

"“This is another example of how the government is pushing secretly novel or innovative interpretations of surveillance law” to conduct wiretapping in broader ways than the public realizes, said Jennifer Granick, the director of civil liberties at the Stanford Law School Center for Internet and Society."

"“The Justice Department is pushing the envelope,” said Jennifer Granick, director of civil liberties at the Stanford Law School Center for Internet and Society. Big companies like Apple and Microsoft have the wherewithal to push back, she said. But smaller companies may cave, rather than risk an expensive fight."

"Two lawyers and legal researchers based at Stanford University have formally asked a federal court in San Francisco to unseal numerous records of surveillance-related cases, as a way to better understand how authorities seek such powers from judges. This courthouse is responsible for the entire Northern District of California, which includes the region where tech companies such as Twitter, Apple, and Google, are based.

Pages

Join Mozilla and Stanford CIS for the second installment in a series of conversations about government hacking. Information from our first event, discussing the upcoming changes to Federal Rule of Criminal Procedure 41, are available at that event’s page here.

Stanford CIS brings together scholars, academics, legislators, students, programmers, security researchers, and scientists to study the interaction of new technologies and the law and to examine how the synergy between the two can either promote or harm public goods like free speech, innovation, privacy, public commons, diversity, and scientific inquiry. Come hear CIS Directors Jennifer Granick + Daphne Keller and Resident Fellows Riana Pfefferkorn + Luiz Fernando Marrey Moncau talk about our work, and the assistance CIS provides to students in learning about these issues, selecting courses, identifying job opportunities, and making professional connections.

To celebrate the one-year anniversary of the Stanford Cryptography Policy Project, we are holding an afternoon event highlighting our research and accomplishments over the past year. As our keynote speakers, it is our pleasure to welcome the Honorable Stephen W. Smith, Magistrate Judge of the Southern District of Texas, and Paul S. Grewal, former Magistrate Judge of the Northern District of California.

Pages

Jennifer Granick talks about how notions of privacy have changed over the years and where she thinks things are headed in the future. She is a professor at the Stanford School of Law and Director of Civil Liberties at the Center for Internet and Society, where she specializes in the intersection of engineering, privacy and the law.

What kind of surveillance assistance can the U.S. government force companies to provide? This issue has entered the public consciousness due to the FBI's demand in February that Apple write software to help it access the San Bernardino shooter's encrypted iPhone. Technical assistance orders can go beyond the usual government requests for user data, requiring a company to actively participate in the government's monitoring of the targeted user(s).

In this week's feature interview we're chatting with Stanford's very own Jennifer Granick about a recent ruling in a Virginia court that appears to give the FBI permission to hack into any computer it wants, sans warrant. Well that's what the headlines are screaming, anyway. But as you'll hear, it's not quite that black and white.

""What was remarkable was that the public hadn't seen the argument surfaced," says Jennifer Granick at the Stanford Center for Internet and Society. She says Judge Orenstein was trying to stoke a public debate. "Judge Orenstein had concerns about whether the government's legal argument was a valid legal argument."